FlashFXP v3.6.0 - Buffer Overflow Vulnerability

2011-07-20T00:00:00
ID VULNERLAB:121
Type vulnerlab
Reporter Vulnerability Research Laboratory
Modified 2011-07-20T00:00:00

Description

A Buffer Overflow Vulnerability is detected on FlashFXP. The vulnerability is located on the unrestricted (size-string) import function. Attackers implement large uni-code strings to overwrite the ebp & eip of the software process. Successful exploitation can result in system compromise via process escalation with system process privileges.

Vulnerable Module(s): [+] .dat import [+] File Assosiations